Wasn't it (the brk vuln) considered to be threatening enough to justify
a quick fix, or was it because the fix by Andrew Morton didn't say
(kerne changelog) enough about the potential seriousness of the vuln, or?

forgot to say: hat's off to the forensics guys. great work! I really
appreciate that we now know what helped the attacker gain root.